* arch/riscv/include/asm/spinlock.h:24:2: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
@ 2022-01-27 4:37 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-01-27 4:37 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 16352 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Thomas Gleixner <tglx@linutronix.de>
CC: Ingo Molnar <mingo@kernel.org>
CC: "Peter Zijlstra (Intel)" <peterz@infradead.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 0280e3c58f92b2fe0e8fbbdf8d386449168de4a8
commit: 531ae4b06a737ed5539cd75dc6f6b9a28f900bba locking/rtmutex: Split API from implementation
date: 5 months ago
:::::: branch date: 34 hours ago
:::::: commit date: 5 months ago
config: riscv-randconfig-c006-20220121 (https://download.01.org/0day-ci/archive/20220127/202201271222.3cRzpgZJ-lkp(a)intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d4baf3b1322b84816aa623d8e8cb45a49cb68b84)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install riscv cross compiling tool for clang build
# apt-get install binutils-riscv64-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=531ae4b06a737ed5539cd75dc6f6b9a28f900bba
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 531ae4b06a737ed5539cd75dc6f6b9a28f900bba
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^~~~~~
fs/orangefs/orangefs-debugfs.c:752:5: note: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119
strcat(kernel_debug_string, ",");
^~~~~~
fs/orangefs/orangefs-debugfs.c:777:5: warning: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcat(client_debug_string,
^~~~~~
fs/orangefs/orangefs-debugfs.c:777:5: note: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119
strcat(client_debug_string,
^~~~~~
fs/orangefs/orangefs-debugfs.c:779:5: warning: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcat(client_debug_string, ",");
^~~~~~
fs/orangefs/orangefs-debugfs.c:779:5: note: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119
strcat(client_debug_string, ",");
^~~~~~
Suppressed 14 warnings (7 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
lib/glob.c:48:32: warning: Assigned value is garbage or undefined [clang-analyzer-core.uninitialized.Assign]
char const *back_pat = NULL, *back_str = back_str;
^ ~~~~~~~~
lib/glob.c:48:32: note: Assigned value is garbage or undefined
char const *back_pat = NULL, *back_str = back_str;
^ ~~~~~~~~
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
14 warnings generated.
lib/mpi/ec.c:396:2: warning: Value stored to 'cy' is never read [clang-analyzer-deadcode.DeadStores]
cy += mpihelp_add_n(b0, b0, a3, LIMB_SIZE_HALF_448);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/mpi/ec.c:396:2: note: Value stored to 'cy' is never read
cy += mpihelp_add_n(b0, b0, a3, LIMB_SIZE_HALF_448);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/mpi/ec.c:410:2: warning: Value stored to 'cy' is never read [clang-analyzer-deadcode.DeadStores]
cy += mpihelp_add_n(b1, b1, a3, LIMB_SIZE_HALF_448);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/mpi/ec.c:410:2: note: Value stored to 'cy' is never read
cy += mpihelp_add_n(b1, b1, a3, LIMB_SIZE_HALF_448);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
19 warnings generated.
Suppressed 19 warnings (12 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
19 warnings generated.
Suppressed 19 warnings (12 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
19 warnings generated.
Suppressed 19 warnings (12 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
11 warnings generated.
Suppressed 11 warnings (4 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
Suppressed 6 warnings (4 in non-user code, 2 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
11 warnings generated.
Suppressed 11 warnings (4 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
>> arch/riscv/include/asm/spinlock.h:24:2: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
smp_store_release(&lock->lock, 0);
^
include/asm-generic/barrier.h:138:33: note: expanded from macro 'smp_store_release'
#define smp_store_release(p, v) __smp_store_release(p, v)
^
arch/riscv/include/asm/barrier.h:34:2: note: expanded from macro '__smp_store_release'
WRITE_ONCE(*p, v); \
^
include/asm-generic/rwonce.h:61:2: note: expanded from macro 'WRITE_ONCE'
__WRITE_ONCE(x, val); \
^
include/asm-generic/rwonce.h:55:30: note: expanded from macro '__WRITE_ONCE'
*(volatile typeof(x) *)&(x) = (val); \
^
kernel/locking/rtmutex_api.c:419:2: note: Loop condition is false. Exiting loop
raw_spin_lock_irqsave(&task->pi_lock, flags);
^
include/linux/spinlock.h:250:2: note: expanded from macro 'raw_spin_lock_irqsave'
do { \
^
kernel/locking/rtmutex_api.c:422:6: note: Assuming 'waiter' is non-null
if (!waiter || rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^~~~~~~
kernel/locking/rtmutex_api.c:422:6: note: Left side of '||' is false
kernel/locking/rtmutex_api.c:422:2: note: Taking false branch
if (!waiter || rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^
kernel/locking/rtmutex_api.c:427:2: note: Loop condition is false. Exiting loop
raw_spin_unlock_irqrestore(&task->pi_lock, flags);
^
include/linux/spinlock.h:288:2: note: expanded from macro 'raw_spin_unlock_irqrestore'
do { \
^
kernel/locking/rtmutex_api.c:432:2: note: Calling 'rt_mutex_adjust_prio_chain'
rt_mutex_adjust_prio_chain(task, RT_MUTEX_MIN_CHAINWALK, NULL,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:466:6: note: Assuming the condition is false
if (++depth > max_lock_depth) {
^~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:466:2: note: Taking false branch
if (++depth > max_lock_depth) {
^
kernel/locking/rtmutex.c:510:6: note: Assuming 'waiter' is non-null
if (!waiter)
^~~~~~~
kernel/locking/rtmutex.c:510:2: note: Taking false branch
if (!waiter)
^
kernel/locking/rtmutex.c:517:6: note: 'orig_waiter' is null
if (orig_waiter && !rt_mutex_owner(orig_lock))
^~~~~~~~~~~
kernel/locking/rtmutex.c:517:18: note: Left side of '&&' is false
if (orig_waiter && !rt_mutex_owner(orig_lock))
^
kernel/locking/rtmutex.c:529:6: note: Assuming 'next_lock' is equal to field 'lock'
if (next_lock != waiter->lock)
^~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:529:2: note: Taking false branch
if (next_lock != waiter->lock)
^
kernel/locking/rtmutex.c:537:6: note: 'top_waiter' is null
if (top_waiter) {
^~~~~~~~~~
kernel/locking/rtmutex.c:537:2: note: Taking false branch
if (top_waiter) {
^
kernel/locking/rtmutex.c:561:6: note: Calling 'rt_mutex_waiter_equal'
if (rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:274:6: note: Assuming 'left->prio' is not equal to 'right->prio'
if (left->prio != right->prio)
^~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:274:2: note: Taking true branch
if (left->prio != right->prio)
^
kernel/locking/rtmutex.c:275:3: note: Returning without writing to 'left->lock'
return 0;
^
kernel/locking/rtmutex.c:275:3: note: Returning zero, which participates in a condition later
return 0;
^~~~~~~~
kernel/locking/rtmutex.c:561:6: note: Returning from 'rt_mutex_waiter_equal'
if (rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:561:2: note: Taking false branch
if (rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^
kernel/locking/rtmutex.c:571:2: note: Value assigned to 'lock'
lock = waiter->lock;
^~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:577:6: note: Assuming the condition is false
if (!raw_spin_trylock(&lock->wait_lock)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:577:2: note: Taking false branch
if (!raw_spin_trylock(&lock->wait_lock)) {
^
kernel/locking/rtmutex.c:592:6: note: Assuming 'lock' is equal to 'orig_lock'
if (lock == orig_lock || rt_mutex_owner(lock) == top_task) {
^~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:592:24: note: Left side of '||' is true
vim +24 arch/riscv/include/asm/spinlock.h
fab957c11efe2f4 Palmer Dabbelt 2017-07-10 21
fab957c11efe2f4 Palmer Dabbelt 2017-07-10 22 static inline void arch_spin_unlock(arch_spinlock_t *lock)
fab957c11efe2f4 Palmer Dabbelt 2017-07-10 23 {
0123f4d76ca63b7 Andrea Parri 2018-03-09 @24 smp_store_release(&lock->lock, 0);
fab957c11efe2f4 Palmer Dabbelt 2017-07-10 25 }
fab957c11efe2f4 Palmer Dabbelt 2017-07-10 26
:::::: The code at line 24 was first introduced by commit
:::::: 0123f4d76ca63b7b895f40089be0ce4809e392d8 riscv/spinlock: Strengthen implementations with fences
:::::: TO: Andrea Parri <parri.andrea@gmail.com>
:::::: CC: Palmer Dabbelt <palmer@sifive.com>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 3+ messages in thread
* arch/riscv/include/asm/spinlock.h:24:2: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
@ 2022-03-18 5:07 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-03-18 5:07 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 14002 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Thomas Gleixner <tglx@linutronix.de>
CC: Ingo Molnar <mingo@kernel.org>
CC: "Peter Zijlstra (Intel)" <peterz@infradead.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 551acdc3c3d2b6bc97f11e31dcf960bc36343bfc
commit: 531ae4b06a737ed5539cd75dc6f6b9a28f900bba locking/rtmutex: Split API from implementation
date: 7 months ago
:::::: branch date: 9 hours ago
:::::: commit date: 7 months ago
config: riscv-randconfig-c006-20220317 (https://download.01.org/0day-ci/archive/20220318/202203181309.E0l1DZXg-lkp(a)intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project a6ec1e3d798f8eab43fb3a91028c6ab04e115fcb)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install riscv cross compiling tool for clang build
# apt-get install binutils-riscv64-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=531ae4b06a737ed5539cd75dc6f6b9a28f900bba
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 531ae4b06a737ed5539cd75dc6f6b9a28f900bba
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^ ~~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:37:6: note: Assuming 'dividend_size' is not equal to 0
if (!dividend_size)
^~~~~~~~~~~~~~
lib/mpi/mpih-div.c:37:2: note: Taking false branch
if (!dividend_size)
^
lib/mpi/mpih-div.c:49:4: note: Left side of '&&' is false
&& (UDIV_TIME - (2 * UMUL_TIME + 6)) * dividend_size > UDIV_TIME) {
^
lib/mpi/mpih-div.c:122:3: note: Taking true branch
if (UDIV_NEEDS_NORMALIZATION) {
^
lib/mpi/mpih-div.c:125:26: note: Calling 'count_leading_zeros'
normalization_steps = count_leading_zeros(divisor_limb);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/count_zeros.h:25:2: note: Taking true branch
if (sizeof(x) == 4)
^
include/linux/count_zeros.h:26:3: note: Returning the value 32, which participates in a condition later
return BITS_PER_LONG - fls(x);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/count_zeros.h:26:3: note: Returning the value 32
return BITS_PER_LONG - fls(x);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:125:26: note: Returning from 'count_leading_zeros'
normalization_steps = count_leading_zeros(divisor_limb);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:125:4: note: The value 32 is assigned to 'normalization_steps'
normalization_steps = count_leading_zeros(divisor_limb);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:126:8: note: 'normalization_steps' is 32
if (normalization_steps) {
^~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:126:4: note: Taking true branch
if (normalization_steps) {
^
lib/mpi/mpih-div.c:127:18: note: Assigned value is garbage or undefined
divisor_limb <<= normalization_steps;
^ ~~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:202:12: warning: Division by zero [clang-analyzer-core.DivideZero]
return 1 / dsize;
~~^~~~~~~
lib/mpi/mpih-div.c:194:2: note: Control jumps to 'case 0:' @line 195
switch (dsize) {
^
lib/mpi/mpih-div.c:202:12: note: Division by zero
return 1 / dsize;
~~^~~~~~~
lib/mpi/mpih-div.c:475:18: warning: Assigned value is garbage or undefined [clang-analyzer-core.uninitialized.Assign]
divisor_limb <<= normalization_steps;
^ ~~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:387:6: note: Assuming 'dividend_size' is not equal to 0
if (!dividend_size)
^~~~~~~~~~~~~~
lib/mpi/mpih-div.c:387:2: note: Taking false branch
if (!dividend_size)
^
lib/mpi/mpih-div.c:399:4: note: Left side of '&&' is false
&& (UDIV_TIME - (2 * UMUL_TIME + 6)) * dividend_size > UDIV_TIME) {
^
lib/mpi/mpih-div.c:470:3: note: Taking true branch
if (UDIV_NEEDS_NORMALIZATION) {
^
lib/mpi/mpih-div.c:473:26: note: Calling 'count_leading_zeros'
normalization_steps = count_leading_zeros(divisor_limb);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/count_zeros.h:25:2: note: Taking true branch
if (sizeof(x) == 4)
^
include/linux/count_zeros.h:26:3: note: Returning the value 32, which participates in a condition later
return BITS_PER_LONG - fls(x);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/count_zeros.h:26:3: note: Returning the value 32
return BITS_PER_LONG - fls(x);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:473:26: note: Returning from 'count_leading_zeros'
normalization_steps = count_leading_zeros(divisor_limb);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:473:4: note: The value 32 is assigned to 'normalization_steps'
normalization_steps = count_leading_zeros(divisor_limb);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:474:8: note: 'normalization_steps' is 32
if (normalization_steps) {
^~~~~~~~~~~~~~~~~~~
lib/mpi/mpih-div.c:474:4: note: Taking true branch
if (normalization_steps) {
^
lib/mpi/mpih-div.c:475:18: note: Assigned value is garbage or undefined
divisor_limb <<= normalization_steps;
^ ~~~~~~~~~~~~~~~~~~~
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
>> arch/riscv/include/asm/spinlock.h:24:2: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
smp_store_release(&lock->lock, 0);
^
include/asm-generic/barrier.h:138:33: note: expanded from macro 'smp_store_release'
#define smp_store_release(p, v) __smp_store_release(p, v)
^
arch/riscv/include/asm/barrier.h:34:2: note: expanded from macro '__smp_store_release'
WRITE_ONCE(*p, v); \
^
include/asm-generic/rwonce.h:61:2: note: expanded from macro 'WRITE_ONCE'
__WRITE_ONCE(x, val); \
^
include/asm-generic/rwonce.h:55:30: note: expanded from macro '__WRITE_ONCE'
*(volatile typeof(x) *)&(x) = (val); \
^
kernel/locking/rtmutex_api.c:419:2: note: Loop condition is false. Exiting loop
raw_spin_lock_irqsave(&task->pi_lock, flags);
^
include/linux/spinlock.h:250:2: note: expanded from macro 'raw_spin_lock_irqsave'
do { \
^
kernel/locking/rtmutex_api.c:422:6: note: Assuming 'waiter' is non-null
if (!waiter || rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^~~~~~~
kernel/locking/rtmutex_api.c:422:6: note: Left side of '||' is false
kernel/locking/rtmutex_api.c:422:2: note: Taking false branch
if (!waiter || rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^
kernel/locking/rtmutex_api.c:427:2: note: Loop condition is false. Exiting loop
raw_spin_unlock_irqrestore(&task->pi_lock, flags);
^
include/linux/spinlock.h:288:2: note: expanded from macro 'raw_spin_unlock_irqrestore'
do { \
^
kernel/locking/rtmutex_api.c:432:2: note: Calling 'rt_mutex_adjust_prio_chain'
rt_mutex_adjust_prio_chain(task, RT_MUTEX_MIN_CHAINWALK, NULL,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:466:6: note: Assuming the condition is false
if (++depth > max_lock_depth) {
^~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:466:2: note: Taking false branch
if (++depth > max_lock_depth) {
^
kernel/locking/rtmutex.c:510:6: note: Assuming 'waiter' is non-null
if (!waiter)
^~~~~~~
kernel/locking/rtmutex.c:510:2: note: Taking false branch
if (!waiter)
^
kernel/locking/rtmutex.c:517:6: note: 'orig_waiter' is null
if (orig_waiter && !rt_mutex_owner(orig_lock))
^~~~~~~~~~~
kernel/locking/rtmutex.c:517:18: note: Left side of '&&' is false
if (orig_waiter && !rt_mutex_owner(orig_lock))
^
kernel/locking/rtmutex.c:529:6: note: Assuming 'next_lock' is equal to field 'lock'
if (next_lock != waiter->lock)
^~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:529:2: note: Taking false branch
if (next_lock != waiter->lock)
^
kernel/locking/rtmutex.c:537:6: note: 'top_waiter' is null
if (top_waiter) {
^~~~~~~~~~
kernel/locking/rtmutex.c:537:2: note: Taking false branch
if (top_waiter) {
^
kernel/locking/rtmutex.c:561:6: note: Calling 'rt_mutex_waiter_equal'
if (rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:274:6: note: Assuming 'left->prio' is not equal to 'right->prio'
if (left->prio != right->prio)
^~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:274:2: note: Taking true branch
if (left->prio != right->prio)
^
kernel/locking/rtmutex.c:275:3: note: Returning without writing to 'left->lock'
return 0;
^
kernel/locking/rtmutex.c:275:3: note: Returning zero, which participates in a condition later
return 0;
^~~~~~~~
kernel/locking/rtmutex.c:561:6: note: Returning from 'rt_mutex_waiter_equal'
if (rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:561:2: note: Taking false branch
if (rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^
kernel/locking/rtmutex.c:571:2: note: Value assigned to 'lock'
lock = waiter->lock;
^~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:577:6: note: Assuming the condition is false
if (!raw_spin_trylock(&lock->wait_lock)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:577:2: note: Taking false branch
if (!raw_spin_trylock(&lock->wait_lock)) {
^
kernel/locking/rtmutex.c:592:6: note: Assuming 'lock' is equal to 'orig_lock'
if (lock == orig_lock || rt_mutex_owner(lock) == top_task) {
^~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:592:24: note: Left side of '||' is true
vim +24 arch/riscv/include/asm/spinlock.h
fab957c11efe2f Palmer Dabbelt 2017-07-10 21
fab957c11efe2f Palmer Dabbelt 2017-07-10 22 static inline void arch_spin_unlock(arch_spinlock_t *lock)
fab957c11efe2f Palmer Dabbelt 2017-07-10 23 {
0123f4d76ca63b Andrea Parri 2018-03-09 @24 smp_store_release(&lock->lock, 0);
fab957c11efe2f Palmer Dabbelt 2017-07-10 25 }
fab957c11efe2f Palmer Dabbelt 2017-07-10 26
:::::: The code at line 24 was first introduced by commit
:::::: 0123f4d76ca63b7b895f40089be0ce4809e392d8 riscv/spinlock: Strengthen implementations with fences
:::::: TO: Andrea Parri <parri.andrea@gmail.com>
:::::: CC: Palmer Dabbelt <palmer@sifive.com>
---
0-DAY CI Kernel Test Service
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 3+ messages in thread
* arch/riscv/include/asm/spinlock.h:24:2: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
@ 2022-02-01 13:25 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-02-01 13:25 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 14509 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
CC: linux-kernel(a)vger.kernel.org
TO: Thomas Gleixner <tglx@linutronix.de>
CC: Ingo Molnar <mingo@kernel.org>
CC: "Peter Zijlstra (Intel)" <peterz@infradead.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 26291c54e111ff6ba87a164d85d4a4e134b7315c
commit: 531ae4b06a737ed5539cd75dc6f6b9a28f900bba locking/rtmutex: Split API from implementation
date: 6 months ago
:::::: branch date: 2 days ago
:::::: commit date: 6 months ago
config: riscv-randconfig-c006-20220121 (https://download.01.org/0day-ci/archive/20220201/202202012114.Gf0Lurwz-lkp(a)intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d4baf3b1322b84816aa623d8e8cb45a49cb68b84)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install riscv cross compiling tool for clang build
# apt-get install binutils-riscv64-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=531ae4b06a737ed5539cd75dc6f6b9a28f900bba
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 531ae4b06a737ed5539cd75dc6f6b9a28f900bba
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^
fs/ext4/indirect.c:1254:3: note: Taking false branch
if (n == 1) {
^
fs/ext4/indirect.c:1265:17: note: Calling 'ext4_find_shared'
partial = p = ext4_find_shared(inode, n, offsets, chain, &nr);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/ext4/indirect.c:795:18: note: 'k' is <= 1
for (k = depth; k > 1 && !offsets[k-1]; k--)
^
fs/ext4/indirect.c:795:24: note: Left side of '&&' is false
for (k = depth; k > 1 && !offsets[k-1]; k--)
^
fs/ext4/indirect.c:797:12: note: Calling 'ext4_get_branch'
partial = ext4_get_branch(inode, k, offsets, chain, &err);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/ext4/indirect.c:155:25: note: Left side of '&&' is false
add_chain(chain, NULL, EXT4_I(inode)->i_data + *offsets);
^
include/trace/events/ext4.h:22:24: note: expanded from macro 'EXT4_I'
#define EXT4_I(inode) (container_of(inode, struct ext4_inode_info, vfs_inode))
^
include/linux/kernel.h:495:61: note: expanded from macro 'container_of'
BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
^
fs/ext4/indirect.c:155:25: note: Taking false branch
add_chain(chain, NULL, EXT4_I(inode)->i_data + *offsets);
^
include/trace/events/ext4.h:22:24: note: expanded from macro 'EXT4_I'
#define EXT4_I(inode) (container_of(inode, struct ext4_inode_info, vfs_inode))
^
include/linux/kernel.h:495:2: note: expanded from macro 'container_of'
BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
^
include/linux/build_bug.h:39:37: note: expanded from macro 'BUILD_BUG_ON_MSG'
#define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
^
include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:316:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:308:3: note: expanded from macro '__compiletime_assert'
if (!(condition)) \
^
fs/ext4/indirect.c:155:25: note: Loop condition is false. Exiting loop
add_chain(chain, NULL, EXT4_I(inode)->i_data + *offsets);
^
include/trace/events/ext4.h:22:24: note: expanded from macro 'EXT4_I'
#define EXT4_I(inode) (container_of(inode, struct ext4_inode_info, vfs_inode))
^
include/linux/kernel.h:495:2: note: expanded from macro 'container_of'
BUILD_BUG_ON_MSG(!__same_type(*(ptr), ((type *)0)->member) && \
^
include/linux/build_bug.h:39:37: note: expanded from macro 'BUILD_BUG_ON_MSG'
#define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
^
include/linux/compiler_types.h:328:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:316:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:306:2: note: expanded from macro '__compiletime_assert'
do { \
^
fs/ext4/indirect.c:155:47: note: The right operand of '+' is a garbage value
add_chain(chain, NULL, EXT4_I(inode)->i_data + *offsets);
^ ~~~~~~~~
Suppressed 16 warnings (9 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
19 warnings generated.
Suppressed 19 warnings (12 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
19 warnings generated.
Suppressed 19 warnings (12 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
19 warnings generated.
Suppressed 19 warnings (12 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
11 warnings generated.
Suppressed 11 warnings (4 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
Suppressed 12 warnings (5 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
Suppressed 6 warnings (4 in non-user code, 2 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
4 warnings generated.
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
11 warnings generated.
Suppressed 11 warnings (4 in non-user code, 7 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
>> arch/riscv/include/asm/spinlock.h:24:2: warning: Dereference of null pointer [clang-analyzer-core.NullDereference]
smp_store_release(&lock->lock, 0);
^
include/asm-generic/barrier.h:138:33: note: expanded from macro 'smp_store_release'
#define smp_store_release(p, v) __smp_store_release(p, v)
^
arch/riscv/include/asm/barrier.h:34:2: note: expanded from macro '__smp_store_release'
WRITE_ONCE(*p, v); \
^
include/asm-generic/rwonce.h:61:2: note: expanded from macro 'WRITE_ONCE'
__WRITE_ONCE(x, val); \
^
include/asm-generic/rwonce.h:55:30: note: expanded from macro '__WRITE_ONCE'
*(volatile typeof(x) *)&(x) = (val); \
^
kernel/locking/rtmutex_api.c:419:2: note: Loop condition is false. Exiting loop
raw_spin_lock_irqsave(&task->pi_lock, flags);
^
include/linux/spinlock.h:250:2: note: expanded from macro 'raw_spin_lock_irqsave'
do { \
^
kernel/locking/rtmutex_api.c:422:6: note: Assuming 'waiter' is non-null
if (!waiter || rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^~~~~~~
kernel/locking/rtmutex_api.c:422:6: note: Left side of '||' is false
kernel/locking/rtmutex_api.c:422:2: note: Taking false branch
if (!waiter || rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^
kernel/locking/rtmutex_api.c:427:2: note: Loop condition is false. Exiting loop
raw_spin_unlock_irqrestore(&task->pi_lock, flags);
^
include/linux/spinlock.h:288:2: note: expanded from macro 'raw_spin_unlock_irqrestore'
do { \
^
kernel/locking/rtmutex_api.c:432:2: note: Calling 'rt_mutex_adjust_prio_chain'
rt_mutex_adjust_prio_chain(task, RT_MUTEX_MIN_CHAINWALK, NULL,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:466:6: note: Assuming the condition is false
if (++depth > max_lock_depth) {
^~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:466:2: note: Taking false branch
if (++depth > max_lock_depth) {
^
kernel/locking/rtmutex.c:510:6: note: Assuming 'waiter' is non-null
if (!waiter)
^~~~~~~
kernel/locking/rtmutex.c:510:2: note: Taking false branch
if (!waiter)
^
kernel/locking/rtmutex.c:517:6: note: 'orig_waiter' is null
if (orig_waiter && !rt_mutex_owner(orig_lock))
^~~~~~~~~~~
kernel/locking/rtmutex.c:517:18: note: Left side of '&&' is false
if (orig_waiter && !rt_mutex_owner(orig_lock))
^
kernel/locking/rtmutex.c:529:6: note: Assuming 'next_lock' is equal to field 'lock'
if (next_lock != waiter->lock)
^~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:529:2: note: Taking false branch
if (next_lock != waiter->lock)
^
kernel/locking/rtmutex.c:537:6: note: 'top_waiter' is null
if (top_waiter) {
^~~~~~~~~~
kernel/locking/rtmutex.c:537:2: note: Taking false branch
if (top_waiter) {
^
kernel/locking/rtmutex.c:561:6: note: Calling 'rt_mutex_waiter_equal'
if (rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:274:6: note: Assuming 'left->prio' is not equal to 'right->prio'
if (left->prio != right->prio)
^~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:274:2: note: Taking true branch
if (left->prio != right->prio)
^
kernel/locking/rtmutex.c:275:3: note: Returning without writing to 'left->lock'
return 0;
^
kernel/locking/rtmutex.c:275:3: note: Returning zero, which participates in a condition later
return 0;
^~~~~~~~
kernel/locking/rtmutex.c:561:6: note: Returning from 'rt_mutex_waiter_equal'
if (rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:561:2: note: Taking false branch
if (rt_mutex_waiter_equal(waiter, task_to_waiter(task))) {
^
kernel/locking/rtmutex.c:571:2: note: Value assigned to 'lock'
lock = waiter->lock;
^~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:577:6: note: Assuming the condition is false
if (!raw_spin_trylock(&lock->wait_lock)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:577:2: note: Taking false branch
if (!raw_spin_trylock(&lock->wait_lock)) {
^
kernel/locking/rtmutex.c:592:6: note: Assuming 'lock' is equal to 'orig_lock'
if (lock == orig_lock || rt_mutex_owner(lock) == top_task) {
^~~~~~~~~~~~~~~~~
kernel/locking/rtmutex.c:592:24: note: Left side of '||' is true
vim +24 arch/riscv/include/asm/spinlock.h
fab957c11efe2f Palmer Dabbelt 2017-07-10 21
fab957c11efe2f Palmer Dabbelt 2017-07-10 22 static inline void arch_spin_unlock(arch_spinlock_t *lock)
fab957c11efe2f Palmer Dabbelt 2017-07-10 23 {
0123f4d76ca63b Andrea Parri 2018-03-09 @24 smp_store_release(&lock->lock, 0);
fab957c11efe2f Palmer Dabbelt 2017-07-10 25 }
fab957c11efe2f Palmer Dabbelt 2017-07-10 26
:::::: The code at line 24 was first introduced by commit
:::::: 0123f4d76ca63b7b895f40089be0ce4809e392d8 riscv/spinlock: Strengthen implementations with fences
:::::: TO: Andrea Parri <parri.andrea@gmail.com>
:::::: CC: Palmer Dabbelt <palmer@sifive.com>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-03-18 5:07 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-27 4:37 arch/riscv/include/asm/spinlock.h:24:2: warning: Dereference of null pointer [clang-analyzer-core.NullDereference] kernel test robot
2022-02-01 13:25 kernel test robot
2022-03-18 5:07 kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.